Compliance Consultant

FIND YOUR 'BETTER' AT AIA

We don't simply believe in being 'The Best'. We believe in better - because there's no limit to how far 'better' can take us.

We believe in empowering every one of our people to find their 'better' - in the work they do, the career they build, the life they live and the difference they make. So that together we can support even more people - including our own - to live Healthier, Longer, Better Lives.

If you believe in better, we'd love to hear from you.

About the Role

Compliance Consultant (Data Privacy and FATCA) is expected to understand, develop, and implement processes and solutions that revolve around data privacy, information security, and business continuity management best practices. The Data Privacy and Compliance associate identifies potential risks in the processes of the company and ventures, and provides recommendations for remediation. Lastly, the Data Privacy and Compliance Associate is also expected to collaborate and lead synergy efforts with compliance and regulatory organizations and bodies.

Roles and Responsibilities:

Manage the implementation  of the  Rules and Regulations (IRR) of the Data Privacy Act (DPA) and Group DP Standard:

• Accountable for ensuring compliance with the Data Privacy Act, its IRRs, related issuances of the National Privacy Commission, and other applicable laws and regulations relating to data privacy and information security. Monitor new issuances/regulations of NPC and perform gap analysis
• Ability to translate legal privacy and information security requirements into effective management programs and processes by understanding how they affect business operations across the organization.
• Ensures privacy and security compliance across all company engagements with in-house and third party platforms, applications, vendors and service providers.
• Conduct risk assessments and Compliance testing of Data Privacy controls
• Understand and relate product development and technology concepts and requirements to compliance frameworks and standards
• Evaluate current ways of working to propose solutions (process/ tools) to promote a privacy and security first approach
• Liaise with legal, the information and security division, and the DPO for all matters related to data privacy.
• Cooperate, coordinate, and seek the advice of the NPC and other regulatory and compliance bodies regarding matters concerning data privacy and security.
• Oversee and conduct Privacy Impact Assessments and related activities on company projects, programs, initiatives or systems.
• Conduct onboarding and refresher sessions for new and existing employees on all matters relating to information security and data privacy.
• Advocate for the development, review and/or revision of policies, guidelines, projects and/or programs of the company relating to privacy and data protection, by adopting a privacy by design approach.
• Document and develop new processes related to compliance, and maintain a repository of documents and legal agreements related to data privacy.
• Contribute to the continuous improvement of the Company's privacy compliance posture by leading and taking an active part in all information security and data privacy-related audits, document control, certifications and compliance initiatives.
• Ensure proper data breach and security incident management by the company.
• Inform and cultivate awareness on privacy and data protection within the company
• Engage in continuous training and education on privacy law and policy, privacy program management, and privacy best practices. Oversee implementation of annual Data Privacy training
• Perform other tasks and duties that may be assigned by the company that will further the interests of data privacy and security and uphold the rights of data subjects.
• Collaborate with relevant business/operational functions to embed Group and local requirements in the business procedures & implementation of operational controls.Partner with relevant business units in reviewing their processes and systems including review of RCAT/PIA, DSAs
• Assist the Data Protection Officer to ensure compliance with the implementing rules and regulations of the Data Privacy Act including registration of DPO, registration of systems, filing of ASIR, breach notification
• Regular review of Data privacy, guidelines, and procedures, Privacy Policy Statement and other related DP documents
• Partner with Records Management in the implementation of purging

Managing the FATCA compliance program  by undertaking the following:

• Reviewing and maintaining on an ongoing basis, local policies and standard operating procedures  to ensure compliance with FATCA.
• Collaborate with relevant business/operational functions to embed Group and local requirements in the business procedures & implementation of operational controls.
• Facilitate Annual FATCA Certification with Group Compliance
• Monitoring implementation of corrective actions to remediate any identified deficiencies, particularly remediation of customers.
• Proactively monitoring relevant internal developments and regulatory & industry developments and initiating necessary action.
• Submission of monthly FATCA report to Group Compliance

Support Regulatory Compliance by performing the following:

Provide assistance to the Regulatory Compliance Principal in monitoring and reviewing regulations and internal policies

Minimum Job Requirements:

• Law, Business Management, Information Security, Computer Science or other related course
• Data Privacy
• Regulatory Compliance or similar experience
• Financial Industry (Insurance, Bank, Fintech etc.)
• At least 4 years experience

Technical Skills:

• Excellent interpersonal skills
• Experienced in contracts and regulatory reviews
• Background in IT management is a plus
• Legal and policy background preferred but not required
• Microsoft Office (Teams, Word, Power Point, Excel)
• Ability to problem-solve complex business scenarios to guide data privacy actions and compliance
• Ability to communicate effectively in written and verbal English
• Accuracy in the completion of assigned tasks, team processes and standard operating procedures Good time management skill
• Certifications / Licenses: None

Build a career with us as we help our customers and the community live Healthier, Longer, Better Lives.

You must provide all requested information, including Personal Data, to be considered for this career opportunity. Failure to provide such information may influence the processing and outcome of your application. You are responsible for ensuring that the information you submit is accurate and up-to-date.

---